CWE-131
High likelihood
Incorrect Calculation of Buffer Size
Parent: CWE-682 - Incorrect Calculation
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
182 vulnerabilities with CWE-131
CVE-2026-46521
MEDIUM
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
CVSS 5.5
CVE-2026-11604
MEDIUM
Openvpn Ovpn-dco-win < 2.5.8 - Heap-based Buffer Overflow
CVE-2026-49841
CRITICAL
FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read
CVSS 9.8
CVE-2026-42915
MEDIUM
Microsoft Windows TCP/IP - Authorized Adjacent Network Denial of Service
CVSS 5.7
CVE-2026-40618
HIGH
F5 BIG-IP SSL/TLS - TMM Denial of Service
CVSS 7.5
CVE-2026-44223
MEDIUM
vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
CVSS 6.5
CVE-2026-43302
MEDIUM
drm/v3d: Set DMA segment size to avoid debug warnings
CVSS 5.5
CVE-2026-43107
MEDIUM
xfrm: account XFRMA_IF_ID in aevent size calculation
CVSS 5.5
CVE-2026-41676
CRITICAL
rust-openssl 0.9.27-0.10.77 - Memory Corruption
CVSS 9.8
CVE-2026-1949
CRITICAL
Incorrect calculation of buffer size on the stack in AS320T
CVSS 9.8
CVE-2026-41197
CRITICAL
Brillig: Heap corruption in foreign call results with nested tuple arrays
CVE-2026-29645
HIGH
NEMU <v2025.12.r2 - Instruction Validation Flaw
CVSS 7.5
CVE-2026-27820
CRITICAL
zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
CVSS 9.8
CVE-2026-40918
MEDIUM
Gimp: gimp: denial of service via crafted pvr image file
CVSS 5.5
CVE-2026-20911
CRITICAL
LibRaw - Heap-Based Buffer Overflow in HuffTable::initval
CVSS 9.8
CVE-2026-33987
HIGH
FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write
CVSS 7.1
CVE-2026-33986
HIGH
FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write
CVSS 7.5
CVE-2026-33985
MEDIUM
FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read
CVSS 5.9
CVE-2026-33984
HIGH
FreeRDP: ClearCodec resize_vbar_entry() Heap OOB Write
CVSS 7.5
CVE-2026-31970
HIGH
HTSlib BGZF GZI Index - Heap Buffer Overflow
CVSS 8.1
CVE-2026-28686
MEDIUM
ImageMagick <7.1.2-16/6.9.13-41 - Buffer Overflow
CVSS 6.8
CVE-2026-20049
HIGH
Cisco ASA 9.18.1-9.18.4.65 & FTD 7.2.0-7.2.10 DoS via GCM-Encrypted IKEv2 IPsec Traffic
CVSS 7.7
CVE-2026-2738
MEDIUM
ovpn-dco-win 2.8.0 - Buffer Overflow
CVE-2026-1188
CRITICAL
Eclipse OMR 0.2.0-0.7.9 - Buffer Overflow in Processor Feature Name API
CVSS 9.8
CVE-2026-22791
MEDIUM
openCryptoki 3.25.0-3.26.0 - Heap Buffer Overflow in CKM_ECDH_AES_KEY_WRAP via Compressed EC Public Key
CVSS 6.6
Details
Vulnerabilities: 182
Exploit Likelihood: High